Dailydave mailing list archives

VisualExploit.py


From: Dave Aitel <dave () immunitysec com>
Date: Fri, 25 Feb 2005 17:26:42 -0500

So one of the things I'm working on now will probably disgust many of you. But I wanted to share it anyway, because I think it's neat. Lately I've been doing a lot of beginner exploit classes. These classes have been going well, overall, but since I do it so often, I've been working on an otherwise insane idea: a 4th Generation Language for exploit creation. This is more properly called a "Visual Language", not to be confused with Visual Studio.

Here's a good description of the general category.
http://www.hypernews.org/~liberte/computing/visual.html

Basically, instead of writing in Python, you'll use a Dia-like interface to connect blocks of things together and drag other blocks over those blocks to create string generators, etc. This will then end up compiling down to a Python CANVAS module. I'm putting some nice wizards in to guide people through the process of writing exploits as well.

There are a few benefits:
o Beginners don't need to learn Python while they also learn assembly and exploitation and ollydbg all at once - and maybe even old hands will play with it for fun or because it's faster for small projects
o Wizards can enforce good coding practices for exploits - even good Python programmers sometimes use str+=str2, which is bad exploit coding practice since it changes string size. (Hi Rich)
o You don't have to learn the CANVAS API to write CANVAS exploits, you just have to drag the boxes over the other boxes
o Visual programming is ideal for plugging into automated exploit generation frameworks (click "find the bad bytes" and PDB goes and does this)
o Visual programming is more natural for many aspects of exploit string creation - for example, putting jumps into your string is easier if you can just drag the arrow to where you want the destination of the jump, rather than having to do calculations.

Keep in mind that having MOSDEF under the covers means you can automatically compensate for bad bytes, and do other neat tricks.

But the basic idea is that yes: You'll be able to write a fully functioning exploit without any code or programming experience at all.

I'm hoping to demo this at CanSec, but it may not be done by then. Either way, I'm interested in everyone's perspectives on it. If there's a pyGTK/pyGame guru who wants to remove my pain in exchange for some reasonable amount of cash, then that's welcome too. :>

Thanks,
Dave Aitel
Immunity, Inc.


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
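Two of the points above (that `str += str2` silently changes the size of an exploit string, and that placing a jump means computing an offset by hand) are easy to see in plain Python. The block below is an added illustration written for this archive page; it is not code from the post, from CANVAS or from MOSDEF, and the `FixedBuffer` class, the `build_demo()` layout and all byte values in it are constructed for the example. It keeps every write at an explicit offset inside a fixed-size buffer so the total length cannot drift, encodes an x86 relative `jmp` (short `EB rel8` or near `E9 rel32`) from the source and destination offsets, and reports where any bad bytes ended up.

```python
import struct

NOP = 0x90  # x86 one-byte nop, used as filler


class FixedBuffer:
    """A fixed-size exploit string.

    Every write goes to an explicit offset, so the buffer length is
    decided once up front instead of growing with each ``str += str2``.
    (Hypothetical helper written for this example, not a CANVAS API.)
    """

    def __init__(self, size, fill=NOP):
        self.buf = bytearray([fill]) * size

    def place(self, offset, data):
        """Write ``data`` at ``offset``; refuse anything that would overrun."""
        if offset < 0 or offset + len(data) > len(self.buf):
            raise ValueError(
                "write of %d bytes at %d overruns %d-byte buffer"
                % (len(data), offset, len(self.buf))
            )
        self.buf[offset:offset + len(data)] = data
        return offset + len(data)  # offset just past the write

    def jmp(self, src, dst):
        """Write an x86 jmp at ``src`` that lands on ``dst``.

        The displacement is relative to the end of the instruction, so it
        is ``dst - (src + length)``; a short jmp is 2 bytes, a near jmp 5.
        Returns the encoded instruction so the caller can inspect it.
        """
        rel8 = dst - (src + 2)
        if -128 <= rel8 <= 127:
            code = b"\xeb" + struct.pack("<b", rel8)
        else:
            rel32 = dst - (src + 5)
            code = b"\xe9" + struct.pack("<i", rel32)
        self.place(src, code)
        return code

    def bad_byte_offsets(self, bad):
        """Offsets of every byte that is in the ``bad`` set (e.g. {0x00, 0x0a})."""
        return [i for i, b in enumerate(self.buf) if b in bad]

    def to_bytes(self):
        return bytes(self.buf)


def build_demo():
    """Lay out a constructed 64-byte string: filler, a fake return
    address, a jmp over 18 bytes of padding, and an int3 'payload'."""
    fb = FixedBuffer(64)
    fb.place(0, b"A" * 8)                 # constructed filler
    fb.place(8, b"\xef\xbe\xad\xde")      # constructed fake return address
    fb.jmp(12, 32)                        # jmp at 12 landing on offset 32
    fb.place(32, b"\xcc" * 4)             # constructed int3 stand-in payload
    return fb


if __name__ == "__main__":
    demo = build_demo()
    print(demo.to_bytes().hex())
    print("bad bytes at:", demo.bad_byte_offsets({0x00, 0x0a}))
```

The short jmp in `build_demo()` encodes as `EB 12` (32 minus the end of the 2-byte instruction at 14), the buffer stays exactly 64 bytes no matter how many pieces are placed, and a near jmp whose `rel32` contains zero bytes shows up immediately in `bad_byte_offsets`, which is the kind of check a "find the bad bytes" wizard would automate.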

